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DETAILED ACTION 

1 . This action is in response to request for reconsideration filed on December 29, 
2004. Claim 25 was cancelled. New Claim 27 was added. Presently Claims 1 - 24, 26 
and 27 are pending. 

Response to Arguments 

2. Applicant's arguments filed on December 29, 2004, have been fully considered 
but they are not persuasive for the following reasons: 

3. Applicant argued that the cited prior art (CPA) [Devine et al. (U.S. Patent number 
6,606,708, hereafter "Devine")] does not teach, suggest or disclose "load balancing 
function", "resource intensive protocol in determining where to place that proxy", 
connecting a second load host computer to reflect the new connection", "configuration 
file" and "distributing the load in round robin fashion". 

4. Devine teaches a method for providing secure access to an enterprise network. 
The network and platform components include clients (the Customer workstations), the 
Demilitarized Zone (DMZ), a cluster of Web servers, the Dispatcher Server, the 
application server and the legacy systems (Column 5 line 38 - Column 6 line 67. 
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5. Regarding Claims 1 , 24, 26 and 27, Devine teaches and describes "load 
balancing function (Column 9 lines 42 - 59 and Column 23 lines 17 - 47)", "identifying 
resource intensive protocol (Column 22 line 52 - Column 23 line 28 and Column 24 
lines 19 - 43)", "connecting a second load host computer to dispatcher (Column 24 
lines 44 - 51)", "Configuration file (Column 22 lines 25 - 30 and Column 23 lines 29 - 
32), and "distributing the load in round robin fashion (Column 23 lines 61 - 64)" 

6. Applicant clearly has failed to explicitly identify specific claim limitations, which 
would define a patentable distinction over prior arts. Therefore, the examiner 
respectfully asserts that Devine does teach or suggest the subject matter broadly 
recited in independent claims 1, 10, 17 and 23. Dependent claims 2-9, 11-16, 18-22, 24, 
26 and 27 are also rejected at least by virtue of their dependency on independent 
claims and by other reason set forth in this and previous (June 24, 2004) office action. 

Accordingly, the rejection for the pending Claims 1 - 24, 26 and 27 is respectfully 
maintained. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 



A person shall be entitled to a patent unless - 
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(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

7. Claims 1 - 24, 26 and 27 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Devine et al. (U.S. Patent Number 6,606,708). 

8. Regarding Claim 1 , Devine teaches and describes, a computer system for 
providing proxy firewall services for a computer network (Fig. 4, 9, 12, 13a, 13b and 
Column 6 line 38 - Column 10 line 27), comprising: 

a dispatch host computer, said dispatch host computer being connectable to an 
external network (Fig. 4 and Column 6 lines 38-43); and 

at least one load host computer coupled to said dispatch host computer, said at 
least one load host computer configured to provide proxy firewall services, said at least 
one load host computer being connectable to one or more application servers, wherein 
said connection from the external network is distributed from said dispatch host 
computer to a particular load host computer based on an analysis of the type of protocol 
of the connection and an analysis of activity across the load host computers (Fig. 4 and 
Column 9 lines 42 - 59). 

9. Regarding Claim 10, Devine teaches and describes, a method of providing proxy 
firewall services for a computer network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - 
Column 10 line 27), comprising: 
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identifying a set of load host computers, each load host computer in said set of 
load host computers being configured to provide proxy firewall services (Fig. 4, 9 and 
Column 9 line 42 - Column 10 line 67); 

monitoring one or more incoming ports at a dispatch host computer for a * 
connection (Fig. 3 lines 27 - 40); 

upon identification of said connection, selecting from said set of load host 
computers a load host computer to which said connection should be forwarded based 
on an analysis of the type of protocol of said connection and an analysis of activity 
across the load host computers (Fig. 4; Column 9 lines 42 - 59; Column 13 lines 28 - 
59 and column 24 line 66 - Column 25 line 67). 

10. Regarding Claim 17, Devine teaches and describes, a firewall network resource 
method (Fig. 4, 9, 1 2, 1 3a, 1 3b and Column 6 line 38 - Column 1 0 line 27) comprising: 

identifying a resource intensive protocol (Fig. 4, 9; Column 9 line 42 - Column 10 
line 67 and Column 24 line 66 - Column 25 line 67); 

designating a load host computer for providing primary support for said resource 
intensive protocol (Column 9 line 24 - Column 10 line 67 and Column 13 line 30 - 
Column 14 line 37); and 

routing a connection for said resource intensive protocol from a dispatch host 
computer to said designated load host (Column 7 lines 27 - 37; Column 9 line 24 - 
Column 10 line 67; Column 13 line 30 - Column 14 line 37 and Column 23 lines 17 - 
40). 
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11. Regarding Claim 23, Devine teaches and describes, a method of expanding 
proxy firewall services for a computer network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 
38 - Column 10 line 27) comprising: 

receiving a connection at a dispatch host computer (Fig. 4, 9; Column 8 lines 22 
- 35; Column 10 lines 9-27 and Column 13 lines 60 - 65); 

selecting a first load host computer to which the connection should be forwarded; 
forwarding said connection to said first load host computer (Column 6 lines 38 - 43 and 
Column 23 lines 4 -16); 

connecting a second load host computer to said dispatch host computer; and 
updating a configuration tile on said dispatch host computer to reflect the connection of 
said second load host computer, wherein upon said updating, said second load host 
computer is available to process forwarded connections from said dispatch host 
computer (Column 7 lines 27 - 37; Column 23 lines 1 7 - 40 and Column 24 lines 44 - 
51). 

12. Claim 2 is rejected as applied above in rejecting claim 1 . Furthermore, Devine 
teaches and describes a computer system for providing proxy firewall services for a 
computer network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), 
wherein said dispatch host computer includes a monitoring element that listens for 
connections on multiple ports (Column 10 line 9 - 22; Column 22 lines 21 - 32 and 
Column 23 line 17 - Column 24 line 34). 
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13. Claim 4 is rejected as applied above in rejecting claim 1 . Furthermore, Devine 
teaches and describes a computer system for providing proxy firewall services for a 
computer network (Fig. 4, 9, 1 2, 1 3a, 1 3b and Column 6 line 38 - Column 1 0 line 27), 
wherein at least one load host computer is protocol specific load host computer 
(Column 23 liens 17-40). 

14. Claim 5 is rejected as applied above in rejecting claim 1 . Furthermore, Devine 
teaches and describes a computer system for providing proxy firewall services for a 
computer network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), 
wherein at least one load host computer can handle multiple protocols (Column 23 lines 
4-47). 

15. Claim 6 is rejected as applied above in rejecting claim 1. Furthermore, Devine 
teaches and describes a computer system for providing proxy firewall services for a 
computer network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), 
wherein said at least one load host computer and said dispatch host computer 
communicate information regarding the connecting of said at least one load host 
computer to the computer system (Fig. 4 and Column 22 lines 6-30 and Column 24 
lines 7-43). 

16. Claim 9 is rejected as applied above in rejecting claim 1 . Furthermore, Devine 
teaches and describes a computer system for providing proxy firewall services for a 
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computer network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), 
wherein said dispatch host computer provides proxy firewall services (Column 21 lines 
21 -43). 

17. Claim 1 1 is rejected as applied above in rejecting claim 10. Furthermore, Devine 
teaches and describes, a method of providing proxy firewall services for a computer 
network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), wherein 
said identifying comprises communicating information between said dispatch host 
computer and said load host computers relating to the availability of said load host 
computers (Column 10 lines 9 - 27). 

18. Claim 12 is rejected as applied above in rejecting claim 10. Furthermore, Devine 
teaches and describes, a method of providing proxy firewall services for a computer 
network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), wherein 
said monitoring for a connection with a dispatch proxy that monitors one or more 
incoming ports on said dispatch host computer simultaneously (Column 10 lines 9 - 27). 

19. Claim 13 is rejected as applied above in rejecting claim 10. Furthermore, Devine 
teaches and describes, a method of providing proxy firewall services for a computer 
network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), wherein 
said selecting comprises selecting a load host computer based on a round robin load 
distribution among said load host computers (Column 23 lines 48 - 64). 
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20. Claim 14 is rejected as applied above in rejecting claim 10. Furthermore, Devine 
teaches and describes, a method of providing proxy firewall services for a computer 
network (Fig. 4, 9, 1 2, 1 3a, 1 3b and Column 6 line 38 - Column 1 0 line 27), wherein 
said selecting comprises selecting a load host computer based on the availability of the 
load host computers (Column 9 line 42 - Column 10 line 67 and Column 23 lines 17 - 
37). 



21. Claim 15 is rejected as applied above in rejecting claim 10. Furthermore, Devine 
teaches and describes, a method of providing proxy firewall services for a computer 
network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 -Column 10 line 27), wherein 
said selecting a load host computer based on the percentage of the total number of 
simultaneous proxied connections the load host computer can support (Column 9 lines 
22 - 35; Column 10 lines 9-27 and Column 23 lines 4 - 52). 



22. Claim 16 is rejected as applied above in rejecting claim 10. Furthermore, Devine 
teaches and describes, a method of providing proxy firewall services for a computer 
network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), wherein 
said selecting comprises selecting a load host computer that can support a resource 
intensive protocol (Fig. 4, 9; Column 9 line 42 - Column 10 line 67 and Column 24 line 
66 - Column 25 line 67). 
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23. Claim 18 is rejected as applied above in rejecting claim 17. Furthermore, Devine 
teaches and describes, a firewall network resource method (Fig. 4, 9, 12, 13a, 13b and 
Column 6 line 38 - Column 10 line 27), further comprising processing on the dispatch 
host computer a connection for at least one protocol other than resource intensive 
protocol (Column 10 lines 9-27 and Column 13 lines 60 - Column 14 lines 32). 

24. Claim 19 is rejected as applied above in rejecting claim 17. Furthermore, Devine 
teaches and describes, a firewall network resource method (Fig. 4, 9, 12, 13a, 13b and 
Column 6 line 38 - Column 10 line 27), wherein said designated load host provides 
exclusive support for said resource intensive protocol (Column 9 line 42 - Column 10 
line 67 and Column 24 line 66 - Column 25 line 67), and 

wherein designating includes analyzing activity across a plurality of host 
computers and selecting a load host computer based on the load hose computer activity 
analysis (Column 25 lines 52 - 64). 

25. Claim 20 is rejected as applied above in rejecting claim 17. Furthermore, Devine 
teaches and describes, a firewall network resource method (Fig. 4, 9, 12, 13a, 13b and 
Column 6 line 38 - Column 10 line 27), wherein said designated load host is dedicated 
to said resource intensive protocol (Column 9 line 42 - Column 10 line 67 and Column 
24 line 66 - Column 25 line 67). 
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26. Claim 21 is rejected as applied above in rejecting claim 17. Furthermore, Devine 
teaches and describes, a firewall network resource method (Fig. 4, 9, 12, 13a, 13b and 
Column 6 line 38 - Column 10 line 27), further comprising: 

designating another load host for multi-purpose support (Fig. 4 Column 8 lines 22 

-35). 

27. Claim 22 is rejected as applied above in rejecting claim 17. Furthermore, Devine 
teaches and describes, a firewall network resource method (Fig. 4, 9, 12, 13a, 13b and 
Column 6 line 38 - Column 10 line 27), wherein said dispatch host computer has multi- 
purpose support (Fig. 14; Column 9 line 42 - Column 10 line 22). 

28. Claim 24 is rejected as applied above in rejecting claim 23. Furthermore, Devine 
teaches and describes, a method of expanding proxy firewall services for a computer 
network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), wherein 
said updating comprises communicating information between said dispatch host 
computer and said second load host computer regarding the availability of said second 
load host computer (Fig. 14; Column 7 lines 27 - 37; Column 23 lines 17-40 and 
Column 24 lines 44-51). 

29. Claim 26 is rejected as applied above in rejecting claim 23. Furthermore, Devine 
teaches and describes, a method of expanding proxy firewall services for a computer 
network (Fig. 4, 9,12,1 3a, 1 3b and Column 6 line 38 - Column 1 0 line 27), wherein 



Application/Control Number: 09/774,001 Page 12 

Art Unit: 2136 

said connecting and said updating occur during the provision of proxy firewall services 
(Column 24 lines 19-26). 

30. Claim 27 is rejected as applied above in rejecting claim 23. Furthermore, Devine 
teaches and describes, a method of expanding proxy firewall services for a computer 
network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), wherein 
said connecting includes signaling the dispatch host computer upon connection 
(Column 24 lines 44 - 51 ). 

31. Claim 3 is rejected as applied above in rejecting claim 2. Furthermore, Devine 
teaches and describes a computer system for providing proxy firewall services for a 
computer network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), 
wherein said monitoring element is a dispatch proxy (Fig. 9, Column 10 lines 9 - 22). 

32. Claim 7 is rejected as applied above in rejecting claim 6. Furthermore, Devine 
teaches and describes a computer system for providing proxy firewall services for a 
computer network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 -Column 10 line 27), 
wherein said dispatch host computer includes a configuration file with information 
relating to any load host computers in the computer system (Column 23 lines 17-47 
and Column 24 lines 35 - 43). 
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33. Claim 8 is rejected as applied above in rejecting claim 7. Furthermore, Devine 
teaches and describes a computer system for providing proxy firewall services for a 
computer network (Fig. 4, 9, 12, 13a, 13b and Column 6 line 38 - Column 10 line 27), 
wherein upon the connection of another load host computer to the computer system, 
said configuration file is updated to reflect the availability of said another load host 
computer in the computer system (Column 23 lines 17 - 47). 

Conclusion 

34. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 . 1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Pramila Parthasarathy whose telephone number is 571- 
272-3866. The examiner can normally be reached on 8:00a.m. To 5:00p.m.. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-232-3795. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703-305- 
3900. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR only. For more 
information about the PAIR system, contact the Electronic Business Center (EBC) at 
866-217-9197 (toll-free). 

Pramila Parthasarathy . 



March 20, 2005. 



' AYAZ SHEIKH 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




